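def permission_check(self, page):
    """Decide whether the current visitor may access ``page``.

    Access is granted when the page has no permission records, when any
    record belongs to the role named "Anonymous", when the visitor is an
    administrator, or when the visitor's key is listed in the ``users`` of a
    role attached to one of the records. Once a page is restricted, a
    visitor with no session user is refused.

    The permission's ``type`` is not consulted: any record naming one of the
    visitor's roles grants access, whatever action it was created for.

    Returns:
        True to allow access, False to deny it.
    """
    perms = db.get(page.permissions)
    # NOTE(review): a page with no permission records is treated as public
    # (fail-open). Confirm this default is intended; a page whose records
    # were all removed becomes readable by everyone.
    if not perms:
        return True

    # Anonymous access short-circuits before any session lookup.
    for perm in perms:
        if perm.role.name == "Anonymous":
            return True

    user = self.ws.users.get_current_user(self)
    if not user:
        return False
    if self.ws.users.is_current_user_admin(self):
        return True

    # The query yields None when no "Anonymous" role exists; the original
    # dereferenced it unconditionally and raised inside the access check.
    anonrole = Role.all().filter("name", "Anonymous").get()
    for perm in perms:
        role = perm.role
        if anonrole is not None and role.key() == anonrole.key():
            return True
        if user.key() in role.users:
            return True
    return False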
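def post(self):
    """Handle the registration form: validate, register, notify, redirect.

    Expects the request parameters ``register-email``, ``register-password``
    and ``confirm-password``; an optional ``return_url`` selects where the
    browser is sent afterwards. Validation failures are reported through
    ``self.json_out`` and stop the request there.
    """
    supplied = self.request.arguments()
    required = ('register-email', 'register-password', 'confirm-password')
    if any(name not in supplied for name in required):
        self.json_out({'success': False, 'message': 'Required parameter missing.'})
        # Without this return the handler fell through and registered the
        # account anyway. json_out is defined elsewhere; returning is safe
        # whether or not it ends the request itself.
        return

    email = self.request.get('register-email')
    password = self.request.get('register-password')
    confirmation = self.request.get('confirm-password')
    if email == "" or password == "" or confirmation == "" or confirmation != password:
        self.json_out({'success': False, 'message': 'Please enter a valid email address and password to register'})
        return

    user = self.ws.users.get_current_user(self)
    wsuser = User.register_user(email, password, self.ws.site.secret, user)
    email_notifier.EmailNotifier.notify(Role.get_administrators(), '*****@*****.**', self.create_admin_content())
    email_notifier.EmailNotifier.notify([wsuser], '*****@*****.**', self.create_user_content())

    # return_url comes straight from the request, so only same-site paths are
    # followed. Anything that could resolve to another origin (absolute URLs,
    # "//host", backslashes, control characters) falls back to the site root.
    return_url = self.request.get("return_url") or "/"
    if (not return_url.startswith("/")
            or return_url.startswith("//")
            or "\\" in return_url
            or any(ord(ch) < 0x20 for ch in return_url)):
        return_url = "/"
    self.redirect(return_url)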
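def is_current_user_admin(cls, handler):
    """Report whether the session's user belongs to the Administrator role.

    The user is looked up from ``handler.session['user']``; membership means
    the user's key appears in the ``users`` list of the role named
    "Administrator".

    Returns:
        True only when both the user and the role resolve and the user is a
        member; False in every other case, including no session user.
    """
    if u'user' not in handler.session:
        return False

    user = User.get(handler.session['user'])
    role = Role.all().filter("name", "Administrator").get()
    # Fail closed: a stale session key or a missing Administrator role
    # (either lookup presumably yields None -- confirm against the model
    # layer) must deny, not raise from inside an authorization check.
    if user is None or role is None:
        return False
    return user.key() in role.users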
def get(self):
    """Render the management page with every manageable model loaded.

    Each model is fetched with a cap of 1000 entities and handed to
    ``templates/manage.html`` with the logout URL, the ``ACTIONS`` constant
    and the current site.
    """
    # NOTE(review): no authorization check is visible in this method, and the
    # template receives every user and role record. Confirm that the route is
    # restricted to administrators elsewhere (base class, decorator or
    # routing).
    def fetch_all(model):
        return model.all().fetch(1000)

    template_values = {
        'logout_url': self.ws.users.create_logout_url('/'),
        'theme_packages': fetch_all(ThemePackage),
        'themes': fetch_all(Theme),
        'images': fetch_all(Image),
        'pages': fetch_all(Page),
        'contents': fetch_all(Content),
        'roles': fetch_all(Role),
        'users': fetch_all(User),
        'actions': ACTIONS,
        'sections': fetch_all(Section),
        'site': self.ws.site,
    }
    rendered = template.render('templates/manage.html', template_values)
    self.response.out.write(rendered)
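def get(self, args, format):
    """Delete the datastore entity named in the URL and echo what was removed.

    ``args`` is expected to look like ``<type>/<key>``. The first segment is
    only echoed back; the second is passed to ``db.get``. After the delete,
    the site, every role and every permission run their ``sanity_check`` and
    memcache is flushed. ``format`` is accepted but unused here.
    """
    from xml.sax.saxutils import escape

    # NOTE(review): this destructive action runs on GET and no authorization
    # or anti-CSRF check is visible in the method. Confirm the route is
    # admin-only and consider moving deletion to a POST guarded by a token.
    segments = args.split("/")
    if len(segments) < 2:
        # A path without a key used to raise IndexError; answer 400 instead.
        # self.error is the webapp RequestHandler helper -- assumes this
        # handler derives from it.
        self.error(400)
        return
    kind, key = segments[0], segments[1]

    model = db.get(key)
    if model is None:
        # Nothing to delete: skip the sanity checks and the cache flush.
        self.error(404)
        return
    model.delete()

    self.ws.site.sanity_check()
    for role in Role.all().fetch(1000):
        role.sanity_check()
    for permission in Permission.all().fetch(1000):
        permission.sanity_check()
    memcache.flush_all()

    # Both values come from the URL; escape them so the echoed text cannot be
    # interpreted as markup if the response is served as HTML.
    self.response.out.write(escape(kind) + " : " + escape(key))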
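def generate_admin_html(self, page, user):
    """Build the HTML for the admin tabs shown on ``page``.

    Renders ``templates/email.html`` with all contents and roles, then
    renders ``defaults/admin/tabs.html`` with the edit forms, permission
    table, per-section theme and content data, user forms and image list.

    Args:
        page: the page being administered; its key, theme and sections are
            read.
        user: the user whose key seeds the user edit form.

    Returns:
        The rendered admin HTML as a string.
    """
    def read_file(path):
        # Close the handle explicitly instead of relying on garbage
        # collection, as the bare open(...).read() calls did.
        handle = open(path)
        try:
            return handle.read()
        finally:
            handle.close()

    request_path = self.request.path

    emaildata = {
        "contents": Content.all().fetch(1000),
        "roles": Role.all().fetch(1000),
    }
    email_template = template.Template(read_file("templates/email.html"))
    email_html = email_template.render(template.Context(emaildata))

    # Built as lists, not nested generator expressions. The inner generator
    # read ``section`` lazily, so a consumer that exhausted the outer
    # generator first (for example by calling list() on it) would bind every
    # content form to the last section's key.
    sections = [
        {
            "name": section.name.replace("section_", "").capitalize(),
            "theme_key": section.theme.key(),
            "theme_html": section.theme.html,
            "theme_css": section.theme.css,
            "theme_js": section.theme.js,
            "content": [
                {
                    "title": content.title,
                    "content_edit": Content.to_edit_list("title", request_path),
                    "content_form": Content.to_form(
                        request_path, "edit", content.key(), section.key()
                    ),
                    "content_deepform": Content.to_form(request_path, rel_key=section.key()),
                }
                for content in section.get_contents()
            ],
        }
        for section in page.get_sections()
    ]

    admindata = {
        "page_edit": Page.to_form(request_path, "edit", page.key()),
        "theme_edit": Theme.to_form(request_path, "edit", page.theme.key(), page.key()),
        "page_key": page.key(),
        "path": request_path,
        "permission_table": Permission.get_table(page.key()),
        "sections": sections,
        "page_form": Page.to_form(request_path, rel_key=self.ws.site.key()),
        "user_form": User.to_form(request_path),
        "user_list": User.to_edit_list("email", request_path, True),
        "user_edit_form": User.to_form(request_path, "edit", user.key()),
        "user_import": read_file("defaults/admin/user_import.html"),
        "images": self.ws.site.images_for_use(),
        "email_blast": email_html,
    }
    admin_template = template.Template(read_file("defaults/admin/tabs.html"))
    return admin_template.render(template.Context(admindata))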